use full gpg fingerprint

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
 
 
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: der.hans
Date:  
To: quatsch
Subject: use full gpg fingerprint
moin moin,

we've known that collisions could happen on short key ID for pgp/gpg, now
we have some collisions in the wild and at least one tool is using short
key IDs to find (un)trust(worthy) paths between keys.

http://gwolf.org/node/4070

SCaLE uses the full fingerprint for key-signing parties. PLUG does as
well. In my experience that's always been expected.

Adjust your config to make sure WoT checks also use full fingerprint.

ciao, 

der.hans
-- 
#  http://www.LuftHans.com/        http://www.PhxLinux.org/
#  "Just because it can be exploited doesn't mean it's a weakness" -- der.hans
---------------------------------------------------
PLUG-discuss mailing list - 
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss


This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: Surge supressorUML and ERD Software->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)